Posts Tagged ‘Carnegie Mellon’
Friday, July 10th, 2009
I’ve had some very interesting discussions about the CMU SSN study throughout the week, and, before moving on to other topics next week, I wanted to wrap up the week and discussion with some final thoughts on the CMU SSN topic..
(more…)
Tags:awareness and training, Carnegie Mellon, CMU, Information Security, IT compliance, IT training, policies and procedures, privacy training, risk management, security training, social engineering, social security number, SSN
Posted in Information Security, Privacy and Compliance | No Comments »
Wednesday, July 8th, 2009
Following the release of the CMU SNN report on Monday, I’ve had some very interesting discussions with privacy and information security folks, and I’ve been pretty amazed at some of the reactions to the study.
I also posted about this to one of the GRC mailing lists I participate in, and I got some questions asking me for my thoughts about some specific issues. I wanted to share those thoughts here as well…
(more…)
Tags:awareness and training, Carnegie Mellon, CMU, Information Security, IT compliance, IT training, policies and procedures, privacy training, risk management, security training, social engineering, social security number, SSN
Posted in Information Security, Privacy and Compliance | No Comments »
Monday, July 6th, 2009
It is nice to have scientific evidence of what we’ve been telling business leaders ever since they wanted to start using SSNs as identifiers and passwords!
Today Carnegie Mellon University (CMU) released a very revealing report, “Predicting Social Security numbers from public data” I want to expand upon some of the issues covered within it, and then urge you to communicate effectively to your business leaders the related concerns of your organization…
(more…)
Tags:awareness and training, Carnegie Mellon, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training, social security number, SSN
Posted in Information Security, Privacy and Compliance | No Comments »
Monday, July 6th, 2009
It is nice to have scientific evidence of what we’ve been telling business leaders ever since they wanted to start using SSNs as identifiers and passwords!
Today Carnegie Mellon University (CMU) released a very revealing report, “Predicting Social Security numbers from public data” I want to expand upon some of the issues covered within it, and then urge you to communicate effectively to your business leaders the related concerns of your organization…
(more…)
Tags:awareness and training, Carnegie Mellon, CMU, Information Security, IT compliance, IT training, policies and procedures, privacy, privacy training, risk management, security training, social security number, SSN
Posted in Information Security, Privacy and Compliance | 1 Comment »
Wednesday, March 25th, 2009
I was very happy to be invited to Carnegie Mellon University (CMU) to speak about information security and privacy convergence last month at their CyLab research and education center. It was a great experience!
(more…)
Tags:awareness and training, Carnegie Mellon, CyLab, Information Security, IT compliance, IT training, policies and procedures, privacy awareness, privacy training, risk management, security awareness, security training
Posted in Information Security | No Comments »
Sunday, January 11th, 2009
It is almost time, once more, for international Data Privacy Day; January 28, 2009!
Don’t just sit there; plan something to make your personnel, your family and friends, and/or your community more aware of privacy issues and concerns!
Here are a few ideas to get you started:
(more…)
Tags:awareness and training, Carnegie Mellon, CyLab, Data Privacy Day, Information Security, IT compliance, IT training, Nymity, policies and procedures, privacy bird, privacy training, risk management, security training
Posted in Privacy and Compliance, Training & awareness | 3 Comments »
Friday, December 5th, 2008
My long-time friend, Richard Power, recently published an article in CSO magazine about a recent study he and Jody Westby did at Carnegie-Mellon in his Cylab center…
(more…)
Tags:awareness and training, Carnegie Mellon, CyLab, Information Security, IT compliance, IT training, jody westby, policies and procedures, privacy training, Richard Power, risk management, security training
Posted in Information Security, Privacy and Compliance | No Comments »
Monday, July 21st, 2008
Here is a very interesting-looking online seminar…FREE…looks worth checking out…
(more…)
Tags:awareness and training, Carnegie Mellon, CERT, cyber security, cybercrime, CyLab, Information Security, IT compliance, policies and procedures, privacy training, Richard Power, risk management, security training
Posted in Training & awareness | No Comments »
Wednesday, July 11th, 2007
I enjoy reading Scientific American Magazine. And I especially am interested in reading their articles that touch upon, or directly address, information security, privacy or compliance. It is always nice to see the views of practitioners, educators, researchers and others who are not on the typical information security circuit of publications.
(more…)
Tags:access control, authentication, awareness and training, Carnegie Mellon, compliance, identity management, Information Security, IT compliance, Latanya Sweeney, policies and procedures, privacy, risk management, Scientific American, SDLC
Posted in Information Security, Privacy and Compliance | No Comments »
